package com.xb.loan.cashier.biz.pay.bankcomm.util;

import com.infosec.n.NetSignServer;
import com.xb.loan.cashier.biz.pay.bankcomm.config.BankcommConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.io.UnsupportedEncodingException;
import java.util.LinkedHashMap;
import java.util.Map;

public class BankcommCore {
	
	private static Logger log = LoggerFactory.getLogger(BankcommConfig.class);
	
	/**
	 * 输入原文 输出Detached签名
	 * @param paramsMap
	 * @return
	 * @author zljun
	 * @date 2016年9月27日
	 */
	public static Map<String, String> detachedSign(LinkedHashMap<String, String> paramsMap){
		String srcMsg = "";
		for (String key : paramsMap.keySet()) {
			srcMsg += paramsMap.get(key)+"|";
		}
		srcMsg = srcMsg.replaceAll("\\|$", "");
		String sign = BankcommCore.detachedSign(srcMsg);
		paramsMap.put("merSignMsg", sign);//签名
		return paramsMap;
	}
	
	/**
	 * 输入原文 输出Detached签名
	 * @param srcMsg
	 * @return
	 * @author zljun
	 * @date 2016年9月27日
	 */
	public static String detachedSign(String srcMsg) {
		NetSignServer nss = NetSignServer.getInstanceWithoutInit();
		byte[] srcMsgByte = null;
		try {
			srcMsgByte = srcMsg.getBytes("GBK");
		} catch (UnsupportedEncodingException e) {
			log.error("不支持GBK编码");
			e.printStackTrace();
		}
		String signMsg = nss.NSDetachedSign(srcMsgByte, BankcommConfig.getConfig().getPfxByte(), BankcommConfig.getConfig().getPfxPassword());
		if (nss.getLastErrnum() == 0) {
			return signMsg;
		} else {
			log.error("Detached方式签名 失败");
			log.error("其中 原文=" + srcMsg);
			return "";
		}
	}

	/**
	 * 输入原文和Detached签名 输出Detached验签结果
	 * @param srcMsg
	 * @param signMsg
	 * @return
	 * @author zljun
	 * @date 2016年9月27日
	 */
	public static String detachedVerify(String srcMsg, String signMsg) {
		NetSignServer nss = NetSignServer.getInstanceWithoutInit();
		byte[] srcMsgByte = null;
		try {
			srcMsgByte = srcMsg.getBytes("GBK");
		} catch (UnsupportedEncodingException e) {
			log.error("不支持GBK编码");
			e.printStackTrace();
		}
		nss.NSDetachedVerify(srcMsgByte, signMsg, BankcommConfig.getConfig().getCerByte());
		if (nss.getLastErrnum() == 0 && nss.NSGetSignerCertInfo(NetSignServer.index_CertSubject).equals(BankcommConfig.getConfig().getBankDN())) {
			return srcMsg;
		} else {
			log.error("Detached方式验签 失败");
			log.error("其中 原文=" + srcMsg);
			log.error("其中 签名=" + signMsg);
			return "";
		}
	}

	/**
	 * 输入原文 输出Attached签名
	 * @param srcMsg
	 * @return
	 * @author zljun
	 * @date 2016年9月27日
	 */
	public static String attachedSign(String srcMsg) {
		NetSignServer nss = NetSignServer.getInstanceWithoutInit();
		byte[] srcMsgByte = null;
		try {
			srcMsgByte = srcMsg.getBytes("GBK");
		} catch (UnsupportedEncodingException e) {
			log.error("不支持GBK编码");
			e.printStackTrace();
		}
		String signMsg = nss.NSAttachedSign(srcMsgByte, BankcommConfig.getConfig().getPfxByte(), BankcommConfig.getConfig().getPfxPassword());
		if (nss.getLastErrnum() == 0) {
			return signMsg;
		} else {
			log.error("Attached方式签名 失败");
			log.error("其中 原文=" + srcMsg);
			return "";
		}
	}

	// 输入Attached签名 输出原文
	/*public static String attachedVerify(String signMsg) {
		NetSignServer nss = NetSignServer.getInstanceWithoutInit();
		nss.NSAttachedVerify(signMsg, BankcommConfig.getConfig().getCerByte());
		if (nss.getLastErrnum() == 0    &&   nss.NSGetSignerCertInfo(NetSignServer.index_CertSubject).equals(BankcommConfig.getConfig().getBankDN())) {
			byte[] srcMsgByte = nss.NSGetPlainText();
			String srcMsg = null;
			try {
				srcMsg = new String(srcMsgByte, "GBK");
			} catch (UnsupportedEncodingException e) {
				log.error("不支持GBK编码");
				e.printStackTrace();
			}
			return srcMsg;
		} else {
			log.error("Attached方式验签 失败");
			log.error("其中 签名=" + signMsg);
			return "";
		}
	}*/
	
	/**
	 * 输入Attached签名 输出原文
	 * @param signMsg
	 * @return
	 * @author zljun
	 * @date 2016年9月27日
	 */
	public static byte[] attachedVerify(String signMsg) {
		NetSignServer nss = NetSignServer.getInstanceWithoutInit();
		nss.NSAttachedVerify(signMsg, BankcommConfig.getConfig().getCerByte());
		if (nss.getLastErrnum() == 0 && nss.NSGetSignerCertInfo(NetSignServer.index_CertSubject).equals(BankcommConfig.getConfig().getBankDN())) {
			byte[] srcMsgByte = nss.NSGetPlainText();
			return srcMsgByte;
		} else {
			log.error("Attached方式验签 失败");
			log.error("其中 签名=" + signMsg);
			return null;
		}
	}
	
}
